From: Tomas Mraz Date: Fri, 5 Feb 2021 17:51:37 +0000 (+0100) Subject: Various cleanup of PROV_R_ reason codes X-Git-Tag: openssl-3.0.0-alpha12~82 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=f5f29796f00b94d150087bc72469a4f60a67a23b;p=thirdparty%2Fopenssl.git Various cleanup of PROV_R_ reason codes Reviewed-by: Richard Levitte Reviewed-by: Paul Dale Reviewed-by: Shane Lontis (Merged from https://github.com/openssl/openssl/pull/14086) --- diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt index c1a0f1d0bd..0e4f017287 100644 --- a/crypto/err/openssl.txt +++ b/crypto/err/openssl.txt @@ -936,7 +936,6 @@ PROP_R_PARSE_FAILED:108:parse failed PROP_R_STRING_TOO_LONG:109:string too long PROP_R_TRAILING_CHARACTERS:110:trailing characters PROV_R_ADDITIONAL_INPUT_TOO_LONG:184:additional input too long -PROV_R_AES_KEY_SETUP_FAILED:101:aes key setup failed PROV_R_ALGORITHM_MISMATCH:173:algorithm mismatch PROV_R_ALREADY_INSTANTIATED:185:already instantiated PROV_R_BAD_DECRYPT:100:bad decrypt @@ -944,13 +943,9 @@ PROV_R_BAD_ENCODING:141:bad encoding PROV_R_BAD_LENGTH:142:bad length PROV_R_BAD_TLS_CLIENT_VERSION:161:bad tls client version PROV_R_BN_ERROR:160:bn error -PROV_R_BOTH_MODE_AND_MODE_INT:127:both mode and mode int PROV_R_CIPHER_OPERATION_FAILED:102:cipher operation failed PROV_R_DERIVATION_FUNCTION_INIT_FAILED:205:derivation function init failed -PROV_R_DERIVATION_FUNCTION_MANDATORY_FOR_FIPS:186:\ - derivation function mandatory for fips PROV_R_DIGEST_NOT_ALLOWED:174:digest not allowed -PROV_R_DRBG_ALREADY_INITIALIZED:187:drbg already initialized PROV_R_ERROR_INSTANTIATING_DRBG:188:error instantiating drbg PROV_R_ERROR_RETRIEVING_ENTROPY:189:error retrieving entropy PROV_R_ERROR_RETRIEVING_NONCE:190:error retrieving nonce @@ -967,7 +962,6 @@ PROV_R_FIPS_MODULE_IN_ERROR_STATE:225:fips module in error state PROV_R_GENERATE_ERROR:191:generate error PROV_R_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE:165:\ illegal or unsupported padding mode -PROV_R_INAVLID_UKM_LENGTH:146:inavlid ukm length PROV_R_INDICATOR_INTEGRITY_FAILURE:210:indicator integrity failure PROV_R_INSUFFICIENT_DRBG_STRENGTH:181:insufficient drbg strength PROV_R_INVALID_AAD:108:invalid aad @@ -980,29 +974,24 @@ PROV_R_INVALID_DIGEST:122:invalid digest PROV_R_INVALID_DIGEST_LENGTH:166:invalid digest length PROV_R_INVALID_DIGEST_SIZE:218:invalid digest size PROV_R_INVALID_ITERATION_COUNT:123:invalid iteration count -PROV_R_INVALID_IVLEN:116:invalid ivlen PROV_R_INVALID_IV_LENGTH:109:invalid iv length PROV_R_INVALID_KEY:158:invalid key -PROV_R_INVALID_KEYLEN:117:invalid keylen -PROV_R_INVALID_KEY_LEN:124:invalid key len PROV_R_INVALID_KEY_LENGTH:105:invalid key length PROV_R_INVALID_MAC:151:invalid mac PROV_R_INVALID_MGF1_MD:167:invalid mgf1 md PROV_R_INVALID_MODE:125:invalid mode -PROV_R_INVALID_MODE_INT:126:invalid mode int PROV_R_INVALID_PADDING_MODE:168:invalid padding mode -PROV_R_INVALID_PSS_SALTLEN:169:invalid pss saltlen PROV_R_INVALID_PUBINFO:198:invalid pubinfo -PROV_R_INVALID_RSA_KEY:217:invalid rsa key PROV_R_INVALID_SALT_LENGTH:112:invalid salt length PROV_R_INVALID_SEED_LENGTH:154:invalid seed length PROV_R_INVALID_SIGNATURE_SIZE:179:invalid signature size PROV_R_INVALID_STATE:212:invalid state PROV_R_INVALID_TAG:110:invalid tag -PROV_R_INVALID_TAGLEN:118:invalid taglen +PROV_R_INVALID_TAG_LENGTH:118:invalid tag length PROV_R_INVALID_UKM_LENGTH:200:invalid ukm length PROV_R_INVALID_X931_DIGEST:170:invalid x931 digest PROV_R_IN_ERROR_STATE:192:in error state +PROV_R_KEY_SETUP_FAILED:101:key setup failed PROV_R_KEY_SIZE_TOO_SMALL:171:key size too small PROV_R_MISSING_CEK_ALG:144:missing cek alg PROV_R_MISSING_CIPHER:155:missing cipher @@ -1038,7 +1027,6 @@ PROV_R_PARENT_STRENGTH_TOO_WEAK:194:parent strength too weak PROV_R_PATH_MUST_BE_ABSOLUTE:219:path must be absolute PROV_R_PERSONALISATION_STRING_TOO_LONG:195:personalisation string too long PROV_R_PSS_SALTLEN_TOO_SMALL:172:pss saltlen too small -PROV_R_READ_KEY:159:read key PROV_R_REQUEST_TOO_LARGE_FOR_DRBG:196:request too large for drbg PROV_R_REQUIRE_CTR_MODE_CIPHER:206:require ctr mode cipher PROV_R_RESEED_ERROR:197:reseed error @@ -1048,18 +1036,16 @@ PROV_R_SEED_SOURCES_MUST_NOT_HAVE_A_PARENT:229:\ seed sources must not have a parent PROV_R_SELF_TEST_KAT_FAILURE:215:self test kat failure PROV_R_SELF_TEST_POST_FAILURE:216:self test post failure -PROV_R_TAG_NOTSET:119:tag notset +PROV_R_TAG_NOT_SET:119:tag not set PROV_R_TAG_NOT_NEEDED:120:tag not needed +PROV_R_TOO_MANY_RECORDS:126:too many records PROV_R_UNABLE_TO_FIND_CIPHERS:207:unable to find ciphers -PROV_R_UNABLE_TO_GET_ENTROPY:202:unable to get entropy -PROV_R_UNABLE_TO_GET_NONCE:203:unable to get nonce PROV_R_UNABLE_TO_GET_PARENT_STRENGTH:199:unable to get parent strength +PROV_R_UNABLE_TO_GET_PASSPHRASE:159:unable to get passphrase PROV_R_UNABLE_TO_INITIALISE_CIPHERS:208:unable to initialise ciphers -PROV_R_UNABLE_TO_LOAD_SHA1:143:unable to load sha1 PROV_R_UNABLE_TO_LOAD_SHA256:147:unable to load sha256 PROV_R_UNABLE_TO_LOCK_PARENT:201:unable to lock parent PROV_R_UNABLE_TO_RESEED:204:unable to reseed -PROV_R_UNKNOWN_PADDING_TYPE:163:unknown padding type PROV_R_UNSUPPORTED_CEK_ALG:145:unsupported cek alg PROV_R_UNSUPPORTED_KEY_SIZE:153:unsupported key size PROV_R_UNSUPPORTED_MAC_TYPE:137:unsupported mac type diff --git a/include/openssl/proverr.h b/include/openssl/proverr.h index 6c520bcef7..6e5c0debe7 100644 --- a/include/openssl/proverr.h +++ b/include/openssl/proverr.h @@ -22,7 +22,6 @@ * PROV reason codes. */ # define PROV_R_ADDITIONAL_INPUT_TOO_LONG 184 -# define PROV_R_AES_KEY_SETUP_FAILED 101 # define PROV_R_ALGORITHM_MISMATCH 173 # define PROV_R_ALREADY_INSTANTIATED 185 # define PROV_R_BAD_DECRYPT 100 @@ -30,12 +29,9 @@ # define PROV_R_BAD_LENGTH 142 # define PROV_R_BAD_TLS_CLIENT_VERSION 161 # define PROV_R_BN_ERROR 160 -# define PROV_R_BOTH_MODE_AND_MODE_INT 127 # define PROV_R_CIPHER_OPERATION_FAILED 102 # define PROV_R_DERIVATION_FUNCTION_INIT_FAILED 205 -# define PROV_R_DERIVATION_FUNCTION_MANDATORY_FOR_FIPS 186 # define PROV_R_DIGEST_NOT_ALLOWED 174 -# define PROV_R_DRBG_ALREADY_INITIALIZED 187 # define PROV_R_ERROR_INSTANTIATING_DRBG 188 # define PROV_R_ERROR_RETRIEVING_ENTROPY 189 # define PROV_R_ERROR_RETRIEVING_NONCE 190 @@ -51,7 +47,6 @@ # define PROV_R_FIPS_MODULE_IN_ERROR_STATE 225 # define PROV_R_GENERATE_ERROR 191 # define PROV_R_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE 165 -# define PROV_R_INAVLID_UKM_LENGTH 146 # define PROV_R_INDICATOR_INTEGRITY_FAILURE 210 # define PROV_R_INSUFFICIENT_DRBG_STRENGTH 181 # define PROV_R_INVALID_AAD 108 @@ -64,29 +59,24 @@ # define PROV_R_INVALID_DIGEST_LENGTH 166 # define PROV_R_INVALID_DIGEST_SIZE 218 # define PROV_R_INVALID_ITERATION_COUNT 123 -# define PROV_R_INVALID_IVLEN 116 # define PROV_R_INVALID_IV_LENGTH 109 # define PROV_R_INVALID_KEY 158 -# define PROV_R_INVALID_KEYLEN 117 -# define PROV_R_INVALID_KEY_LEN 124 # define PROV_R_INVALID_KEY_LENGTH 105 # define PROV_R_INVALID_MAC 151 # define PROV_R_INVALID_MGF1_MD 167 # define PROV_R_INVALID_MODE 125 -# define PROV_R_INVALID_MODE_INT 126 # define PROV_R_INVALID_PADDING_MODE 168 -# define PROV_R_INVALID_PSS_SALTLEN 169 # define PROV_R_INVALID_PUBINFO 198 -# define PROV_R_INVALID_RSA_KEY 217 # define PROV_R_INVALID_SALT_LENGTH 112 # define PROV_R_INVALID_SEED_LENGTH 154 # define PROV_R_INVALID_SIGNATURE_SIZE 179 # define PROV_R_INVALID_STATE 212 # define PROV_R_INVALID_TAG 110 -# define PROV_R_INVALID_TAGLEN 118 +# define PROV_R_INVALID_TAG_LENGTH 118 # define PROV_R_INVALID_UKM_LENGTH 200 # define PROV_R_INVALID_X931_DIGEST 170 # define PROV_R_IN_ERROR_STATE 192 +# define PROV_R_KEY_SETUP_FAILED 101 # define PROV_R_KEY_SIZE_TOO_SMALL 171 # define PROV_R_MISSING_CEK_ALG 144 # define PROV_R_MISSING_CIPHER 155 @@ -120,7 +110,6 @@ # define PROV_R_PATH_MUST_BE_ABSOLUTE 219 # define PROV_R_PERSONALISATION_STRING_TOO_LONG 195 # define PROV_R_PSS_SALTLEN_TOO_SMALL 172 -# define PROV_R_READ_KEY 159 # define PROV_R_REQUEST_TOO_LARGE_FOR_DRBG 196 # define PROV_R_REQUIRE_CTR_MODE_CIPHER 206 # define PROV_R_RESEED_ERROR 197 @@ -128,18 +117,16 @@ # define PROV_R_SEED_SOURCES_MUST_NOT_HAVE_A_PARENT 229 # define PROV_R_SELF_TEST_KAT_FAILURE 215 # define PROV_R_SELF_TEST_POST_FAILURE 216 -# define PROV_R_TAG_NOTSET 119 +# define PROV_R_TAG_NOT_SET 119 # define PROV_R_TAG_NOT_NEEDED 120 +# define PROV_R_TOO_MANY_RECORDS 126 # define PROV_R_UNABLE_TO_FIND_CIPHERS 207 -# define PROV_R_UNABLE_TO_GET_ENTROPY 202 -# define PROV_R_UNABLE_TO_GET_NONCE 203 # define PROV_R_UNABLE_TO_GET_PARENT_STRENGTH 199 +# define PROV_R_UNABLE_TO_GET_PASSPHRASE 159 # define PROV_R_UNABLE_TO_INITIALISE_CIPHERS 208 -# define PROV_R_UNABLE_TO_LOAD_SHA1 143 # define PROV_R_UNABLE_TO_LOAD_SHA256 147 # define PROV_R_UNABLE_TO_LOCK_PARENT 201 # define PROV_R_UNABLE_TO_RESEED 204 -# define PROV_R_UNKNOWN_PADDING_TYPE 163 # define PROV_R_UNSUPPORTED_CEK_ALG 145 # define PROV_R_UNSUPPORTED_KEY_SIZE 153 # define PROV_R_UNSUPPORTED_MAC_TYPE 137 diff --git a/providers/common/provider_err.c b/providers/common/provider_err.c index 55978a1095..ecd3b8e081 100644 --- a/providers/common/provider_err.c +++ b/providers/common/provider_err.c @@ -17,8 +17,6 @@ static const ERR_STRING_DATA PROV_str_reasons[] = { {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_ADDITIONAL_INPUT_TOO_LONG), "additional input too long"}, - {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_AES_KEY_SETUP_FAILED), - "aes key setup failed"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_ALGORITHM_MISMATCH), "algorithm mismatch"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_ALREADY_INSTANTIATED), @@ -29,18 +27,12 @@ static const ERR_STRING_DATA PROV_str_reasons[] = { {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_BAD_TLS_CLIENT_VERSION), "bad tls client version"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_BN_ERROR), "bn error"}, - {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_BOTH_MODE_AND_MODE_INT), - "both mode and mode int"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_CIPHER_OPERATION_FAILED), "cipher operation failed"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_DERIVATION_FUNCTION_INIT_FAILED), "derivation function init failed"}, - {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_DERIVATION_FUNCTION_MANDATORY_FOR_FIPS), - "derivation function mandatory for fips"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_DIGEST_NOT_ALLOWED), "digest not allowed"}, - {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_DRBG_ALREADY_INITIALIZED), - "drbg already initialized"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_ERROR_INSTANTIATING_DRBG), "error instantiating drbg"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_ERROR_RETRIEVING_ENTROPY), @@ -68,8 +60,6 @@ static const ERR_STRING_DATA PROV_str_reasons[] = { {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_GENERATE_ERROR), "generate error"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE), "illegal or unsupported padding mode"}, - {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INAVLID_UKM_LENGTH), - "inavlid ukm length"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INDICATOR_INTEGRITY_FAILURE), "indicator integrity failure"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INSUFFICIENT_DRBG_STRENGTH), @@ -90,23 +80,16 @@ static const ERR_STRING_DATA PROV_str_reasons[] = { "invalid digest size"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_ITERATION_COUNT), "invalid iteration count"}, - {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_IVLEN), "invalid ivlen"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_IV_LENGTH), "invalid iv length"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_KEY), "invalid key"}, - {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_KEYLEN), "invalid keylen"}, - {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_KEY_LEN), "invalid key len"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_KEY_LENGTH), "invalid key length"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_MAC), "invalid mac"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_MGF1_MD), "invalid mgf1 md"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_MODE), "invalid mode"}, - {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_MODE_INT), "invalid mode int"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_PADDING_MODE), "invalid padding mode"}, - {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_PSS_SALTLEN), - "invalid pss saltlen"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_PUBINFO), "invalid pubinfo"}, - {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_RSA_KEY), "invalid rsa key"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_SALT_LENGTH), "invalid salt length"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_SEED_LENGTH), @@ -115,12 +98,15 @@ static const ERR_STRING_DATA PROV_str_reasons[] = { "invalid signature size"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_STATE), "invalid state"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_TAG), "invalid tag"}, - {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_TAGLEN), "invalid taglen"}, + {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_TAG_LENGTH), + "invalid tag_length"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_UKM_LENGTH), "invalid ukm length"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_X931_DIGEST), "invalid x931 digest"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_IN_ERROR_STATE), "in error state"}, + {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_KEY_SETUP_FAILED), + "key setup failed"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_KEY_SIZE_TOO_SMALL), "key size too small"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_MISSING_CEK_ALG), "missing cek alg"}, @@ -168,7 +154,6 @@ static const ERR_STRING_DATA PROV_str_reasons[] = { "personalisation string too long"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_PSS_SALTLEN_TOO_SMALL), "pss saltlen too small"}, - {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_READ_KEY), "read key"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_REQUEST_TOO_LARGE_FOR_DRBG), "request too large for drbg"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_REQUIRE_CTR_MODE_CIPHER), @@ -182,27 +167,22 @@ static const ERR_STRING_DATA PROV_str_reasons[] = { "self test kat failure"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_SELF_TEST_POST_FAILURE), "self test post failure"}, - {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_TAG_NOTSET), "tag notset"}, + {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_TAG_NOT_SET), "tag not set"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_TAG_NOT_NEEDED), "tag not needed"}, + {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_TOO_MANY_RECORDS), "too many records"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_UNABLE_TO_FIND_CIPHERS), "unable to find ciphers"}, - {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_UNABLE_TO_GET_ENTROPY), - "unable to get entropy"}, - {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_UNABLE_TO_GET_NONCE), - "unable to get nonce"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_UNABLE_TO_GET_PARENT_STRENGTH), "unable to get parent strength"}, + {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_UNABLE_TO_GET_PASSPHRASE), + "unable to get passphrase"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_UNABLE_TO_INITIALISE_CIPHERS), "unable to initialise ciphers"}, - {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_UNABLE_TO_LOAD_SHA1), - "unable to load sha1"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_UNABLE_TO_LOAD_SHA256), "unable to load sha256"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_UNABLE_TO_LOCK_PARENT), "unable to lock parent"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_UNABLE_TO_RESEED), "unable to reseed"}, - {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_UNKNOWN_PADDING_TYPE), - "unknown padding type"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_UNSUPPORTED_CEK_ALG), "unsupported cek alg"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_UNSUPPORTED_KEY_SIZE), diff --git a/providers/implementations/ciphers/cipher_aes_hw.c b/providers/implementations/ciphers/cipher_aes_hw.c index 3aed088171..588e030417 100644 --- a/providers/implementations/ciphers/cipher_aes_hw.c +++ b/providers/implementations/ciphers/cipher_aes_hw.c @@ -114,7 +114,7 @@ static int cipher_hw_aes_initkey(PROV_CIPHER_CTX *dat, } if (ret < 0) { - ERR_raise(ERR_LIB_PROV, PROV_R_AES_KEY_SETUP_FAILED); + ERR_raise(ERR_LIB_PROV, PROV_R_KEY_SETUP_FAILED); return 0; } diff --git a/providers/implementations/ciphers/cipher_aes_hw_aesni.inc b/providers/implementations/ciphers/cipher_aes_hw_aesni.inc index 13b52d5987..a2358b43f9 100644 --- a/providers/implementations/ciphers/cipher_aes_hw_aesni.inc +++ b/providers/implementations/ciphers/cipher_aes_hw_aesni.inc @@ -45,7 +45,7 @@ static int cipher_hw_aesni_initkey(PROV_CIPHER_CTX *dat, } if (ret < 0) { - ERR_raise(ERR_LIB_PROV, PROV_R_AES_KEY_SETUP_FAILED); + ERR_raise(ERR_LIB_PROV, PROV_R_KEY_SETUP_FAILED); return 0; } diff --git a/providers/implementations/ciphers/cipher_aes_hw_t4.inc b/providers/implementations/ciphers/cipher_aes_hw_t4.inc index 2ccc383e9d..826ff0239d 100644 --- a/providers/implementations/ciphers/cipher_aes_hw_t4.inc +++ b/providers/implementations/ciphers/cipher_aes_hw_t4.inc @@ -78,7 +78,7 @@ static int cipher_hw_aes_t4_initkey(PROV_CIPHER_CTX *dat, } if (ret < 0) { - ERR_raise(ERR_LIB_PROV, PROV_R_AES_KEY_SETUP_FAILED); + ERR_raise(ERR_LIB_PROV, PROV_R_KEY_SETUP_FAILED); return 0; } diff --git a/providers/implementations/ciphers/cipher_aes_ocb.c b/providers/implementations/ciphers/cipher_aes_ocb.c index b94d7644df..faa6cb470c 100644 --- a/providers/implementations/ciphers/cipher_aes_ocb.c +++ b/providers/implementations/ciphers/cipher_aes_ocb.c @@ -451,7 +451,7 @@ static int aes_ocb_get_ctx_params(void *vctx, OSSL_PARAM params[]) return 0; } if (!ctx->base.enc || p->data_size != ctx->taglen) { - ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_TAGLEN); + ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_TAG_LENGTH); return 0; } memcpy(p->data, ctx->tag, ctx->taglen); diff --git a/providers/implementations/ciphers/cipher_aria_hw.c b/providers/implementations/ciphers/cipher_aria_hw.c index f457aaf750..67a282f59c 100644 --- a/providers/implementations/ciphers/cipher_aria_hw.c +++ b/providers/implementations/ciphers/cipher_aria_hw.c @@ -7,6 +7,7 @@ * https://www.openssl.org/source/license.html */ +#include #include "cipher_aria.h" static int cipher_hw_aria_initkey(PROV_CIPHER_CTX *dat, @@ -21,7 +22,7 @@ static int cipher_hw_aria_initkey(PROV_CIPHER_CTX *dat, else ret = aria_set_decrypt_key(key, keylen * 8, ks); if (ret < 0) { - ERR_raise(ERR_LIB_PROV, EVP_R_ARIA_KEY_SETUP_FAILED); + ERR_raise(ERR_LIB_PROV, PROV_R_KEY_SETUP_FAILED); return 0; } dat->ks = ks; diff --git a/providers/implementations/ciphers/cipher_camellia_hw.c b/providers/implementations/ciphers/cipher_camellia_hw.c index 06b29ca287..66a2b143c3 100644 --- a/providers/implementations/ciphers/cipher_camellia_hw.c +++ b/providers/implementations/ciphers/cipher_camellia_hw.c @@ -13,6 +13,8 @@ */ #include "internal/deprecated.h" +#include +#include #include "cipher_camellia.h" static int cipher_hw_camellia_initkey(PROV_CIPHER_CTX *dat, @@ -25,7 +27,7 @@ static int cipher_hw_camellia_initkey(PROV_CIPHER_CTX *dat, dat->ks = ks; ret = Camellia_set_key(key, keylen * 8, ks); if (ret < 0) { - ERR_raise(ERR_LIB_PROV, EVP_R_ARIA_KEY_SETUP_FAILED); + ERR_raise(ERR_LIB_PROV, PROV_R_KEY_SETUP_FAILED); return 0; } if (dat->enc || (mode != EVP_CIPH_ECB_MODE && mode != EVP_CIPH_CBC_MODE)) { diff --git a/providers/implementations/ciphers/cipher_camellia_hw_t4.inc b/providers/implementations/ciphers/cipher_camellia_hw_t4.inc index c04613700a..032402a556 100644 --- a/providers/implementations/ciphers/cipher_camellia_hw_t4.inc +++ b/providers/implementations/ciphers/cipher_camellia_hw_t4.inc @@ -67,7 +67,7 @@ static int cipher_hw_camellia_t4_initkey(PROV_CIPHER_CTX *dat, } } if (ret < 0) { - ERR_raise(ERR_LIB_PROV, EVP_R_CAMELLIA_KEY_SETUP_FAILED); + ERR_raise(ERR_LIB_PROV, PROV_R_KEY_SETUP_FAILED); return 0; } return 1; diff --git a/providers/implementations/ciphers/cipher_chacha20_poly1305.c b/providers/implementations/ciphers/cipher_chacha20_poly1305.c index 0565b05f39..b328cdb993 100644 --- a/providers/implementations/ciphers/cipher_chacha20_poly1305.c +++ b/providers/implementations/ciphers/cipher_chacha20_poly1305.c @@ -113,11 +113,11 @@ static int chacha20_poly1305_get_ctx_params(void *vctx, OSSL_PARAM params[]) return 0; } if (!ctx->base.enc) { - ERR_raise(ERR_LIB_PROV, PROV_R_TAG_NOTSET); + ERR_raise(ERR_LIB_PROV, PROV_R_TAG_NOT_SET); return 0; } if (p->data_size == 0 || p->data_size > POLY1305_BLOCK_SIZE) { - ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_TAGLEN); + ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_TAG_LENGTH); return 0; } memcpy(p->data, ctx->tag, p->data_size); @@ -180,7 +180,7 @@ static int chacha20_poly1305_set_ctx_params(void *vctx, return 0; } if (p->data_size == 0 || p->data_size > POLY1305_BLOCK_SIZE) { - ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_TAGLEN); + ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_TAG_LENGTH); return 0; } if (p->data != NULL) { @@ -214,7 +214,7 @@ static int chacha20_poly1305_set_ctx_params(void *vctx, return 0; } if (hw->tls_iv_set_fixed(&ctx->base, p->data, p->data_size) == 0) { - ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_IVLEN); + ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_IV_LENGTH); return 0; } } diff --git a/providers/implementations/ciphers/cipher_des.c b/providers/implementations/ciphers/cipher_des.c index dd8bbefa36..11688080ce 100644 --- a/providers/implementations/ciphers/cipher_des.c +++ b/providers/implementations/ciphers/cipher_des.c @@ -89,7 +89,7 @@ static int des_init(void *vctx, const unsigned char *key, size_t keylen, if (key != NULL) { if (keylen != ctx->keylen) { - ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEYLEN); + ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH); return 0; } return ctx->hw->init(ctx, key, keylen); diff --git a/providers/implementations/ciphers/cipher_tdes_common.c b/providers/implementations/ciphers/cipher_tdes_common.c index 2accb24b0a..59c8a976cc 100644 --- a/providers/implementations/ciphers/cipher_tdes_common.c +++ b/providers/implementations/ciphers/cipher_tdes_common.c @@ -80,7 +80,7 @@ static int tdes_init(void *vctx, const unsigned char *key, size_t keylen, if (key != NULL) { if (keylen != ctx->keylen) { - ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEYLEN); + ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH); return 0; } return ctx->hw->init(ctx, key, ctx->keylen); diff --git a/providers/implementations/ciphers/ciphercommon.c b/providers/implementations/ciphers/ciphercommon.c index 2e0603ce19..9f6c82bddd 100644 --- a/providers/implementations/ciphers/ciphercommon.c +++ b/providers/implementations/ciphers/ciphercommon.c @@ -191,7 +191,7 @@ static int cipher_generic_init_internal(PROV_CIPHER_CTX *ctx, if (key != NULL) { if (ctx->variable_keylength == 0) { if (keylen != ctx->keylen) { - ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEYLEN); + ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH); return 0; } } else { @@ -613,7 +613,7 @@ int ossl_cipher_generic_initiv(PROV_CIPHER_CTX *ctx, const unsigned char *iv, { if (ivlen != ctx->ivlen || ivlen > sizeof(ctx->iv)) { - ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_IVLEN); + ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_IV_LENGTH); return 0; } ctx->iv_set = 1; diff --git a/providers/implementations/ciphers/ciphercommon_ccm.c b/providers/implementations/ciphers/ciphercommon_ccm.c index a87bf487e6..a780e7aed3 100644 --- a/providers/implementations/ciphers/ciphercommon_ccm.c +++ b/providers/implementations/ciphers/ciphercommon_ccm.c @@ -78,7 +78,7 @@ int ccm_set_ctx_params(void *vctx, const OSSL_PARAM params[]) return 0; } if ((p->data_size & 1) || (p->data_size < 4) || p->data_size > 16) { - ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_TAGLEN); + ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_TAG_LENGTH); return 0; } @@ -103,7 +103,7 @@ int ccm_set_ctx_params(void *vctx, const OSSL_PARAM params[]) } ivlen = 15 - sz; if (ivlen < 2 || ivlen > 8) { - ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_IVLEN); + ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_IV_LENGTH); return 0; } ctx->l = ivlen; @@ -130,7 +130,7 @@ int ccm_set_ctx_params(void *vctx, const OSSL_PARAM params[]) return 0; } if (ccm_tls_iv_set_fixed(ctx, p->data, p->data_size) == 0) { - ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_IVLEN); + ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_IV_LENGTH); return 0; } } @@ -162,7 +162,7 @@ int ccm_get_ctx_params(void *vctx, OSSL_PARAM params[]) p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_IV); if (p != NULL) { if (ccm_get_ivlen(ctx) > p->data_size) { - ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_IVLEN); + ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_IV_LENGTH); return 0; } if (!OSSL_PARAM_set_octet_string(p, ctx->iv, p->data_size) @@ -175,7 +175,7 @@ int ccm_get_ctx_params(void *vctx, OSSL_PARAM params[]) p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_UPDATED_IV); if (p != NULL) { if (ccm_get_ivlen(ctx) > p->data_size) { - ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_IVLEN); + ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_IV_LENGTH); return 0; } if (!OSSL_PARAM_set_octet_string(p, ctx->iv, p->data_size) @@ -200,7 +200,7 @@ int ccm_get_ctx_params(void *vctx, OSSL_PARAM params[]) p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_AEAD_TAG); if (p != NULL) { if (!ctx->enc || !ctx->tag_set) { - ERR_raise(ERR_LIB_PROV, PROV_R_TAG_NOTSET); + ERR_raise(ERR_LIB_PROV, PROV_R_TAG_NOT_SET); return 0; } if (p->data_type != OSSL_PARAM_OCTET_STRING) { @@ -228,7 +228,7 @@ static int ccm_init(void *vctx, const unsigned char *key, size_t keylen, if (iv != NULL) { if (ivlen != ccm_get_ivlen(ctx)) { - ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_IVLEN); + ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_IV_LENGTH); return 0; } memcpy(ctx->iv, iv, ivlen); @@ -236,7 +236,7 @@ static int ccm_init(void *vctx, const unsigned char *key, size_t keylen, } if (key != NULL) { if (keylen != ctx->keylen) { - ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEYLEN); + ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH); return 0; } return ctx->hw->setkey(ctx, key, keylen); diff --git a/providers/implementations/ciphers/ciphercommon_gcm.c b/providers/implementations/ciphers/ciphercommon_gcm.c index 8b9d06b0a4..02a496d1dd 100644 --- a/providers/implementations/ciphers/ciphercommon_gcm.c +++ b/providers/implementations/ciphers/ciphercommon_gcm.c @@ -513,7 +513,7 @@ static int gcm_tls_cipher(PROV_GCM_CTX *ctx, unsigned char *out, size_t *padlen, * side only. */ if (ctx->enc && ++ctx->tls_enc_records == 0) { - ERR_raise(ERR_LIB_PROV, EVP_R_TOO_MANY_RECORDS); + ERR_raise(ERR_LIB_PROV, PROV_R_TOO_MANY_RECORDS); goto err; } diff --git a/providers/implementations/encode_decode/decode_der2key.c b/providers/implementations/encode_decode/decode_der2key.c index a22e3a6406..09776127d4 100644 --- a/providers/implementations/encode_decode/decode_der2key.c +++ b/providers/implementations/encode_decode/decode_der2key.c @@ -87,7 +87,7 @@ static int der_from_p8(unsigned char **new_der, long *new_der_len, size_t plen = 0; if (!pw_cb(pbuf, sizeof(pbuf), &plen, NULL, pw_cbarg)) { - ERR_raise(ERR_LIB_PROV, PROV_R_READ_KEY); + ERR_raise(ERR_LIB_PROV, PROV_R_UNABLE_TO_GET_PASSPHRASE); } else { const X509_ALGOR *alg = NULL; const ASN1_OCTET_STRING *oct = NULL; diff --git a/providers/implementations/encode_decode/encode_key2any.c b/providers/implementations/encode_decode/encode_key2any.c index a8c9432f2d..8f868249ee 100644 --- a/providers/implementations/encode_decode/encode_key2any.c +++ b/providers/implementations/encode_decode/encode_key2any.c @@ -96,7 +96,7 @@ static X509_SIG *p8info_to_encp8(PKCS8_PRIV_KEY_INFO *p8info, if (!ossl_pw_get_passphrase(kstr, sizeof(kstr), &klen, NULL, 1, &ctx->pwdata)) { - ERR_raise(ERR_LIB_PROV, PROV_R_READ_KEY); + ERR_raise(ERR_LIB_PROV, PROV_R_UNABLE_TO_GET_PASSPHRASE); return NULL; } /* First argument == -1 means "standard" */ diff --git a/providers/implementations/kdfs/pbkdf2.c b/providers/implementations/kdfs/pbkdf2.c index 7420819a09..a3ecea2b03 100644 --- a/providers/implementations/kdfs/pbkdf2.c +++ b/providers/implementations/kdfs/pbkdf2.c @@ -285,13 +285,13 @@ static int pbkdf2_derive(const char *pass, size_t passlen, * results in an overflow of the loop counter 'i'. */ if ((keylen / mdlen) >= KDF_PBKDF2_MAX_KEY_LEN_DIGEST_RATIO) { - ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LEN); + ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH); return 0; } if (lower_bound_checks) { if ((keylen * 8) < KDF_PBKDF2_MIN_KEY_LEN_BITS) { - ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LEN); + ERR_raise(ERR_LIB_PROV, PROV_R_KEY_SIZE_TOO_SMALL); return 0; } if (saltlen < KDF_PBKDF2_MIN_SALT_LEN) { diff --git a/providers/implementations/keymgmt/mac_legacy_kmgmt.c b/providers/implementations/keymgmt/mac_legacy_kmgmt.c index 08de2a07cc..0f7f65ddbb 100644 --- a/providers/implementations/keymgmt/mac_legacy_kmgmt.c +++ b/providers/implementations/keymgmt/mac_legacy_kmgmt.c @@ -16,6 +16,7 @@ #include #include #include +#include #include "openssl/param_build.h" #include "internal/param_build_set.h" #include "prov/implementations.h" @@ -464,7 +465,7 @@ static void *mac_gen(void *genctx, OSSL_CALLBACK *cb, void *cbarg) return key; if (gctx->priv_key == NULL) { - ERR_raise(ERR_LIB_PROV, EVP_R_INVALID_KEY); + ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY); ossl_mac_key_free(key); return NULL; } diff --git a/providers/implementations/macs/gmac_prov.c b/providers/implementations/macs/gmac_prov.c index c9d404d5ea..1d5d26f170 100644 --- a/providers/implementations/macs/gmac_prov.c +++ b/providers/implementations/macs/gmac_prov.c @@ -191,7 +191,7 @@ static int gmac_set_ctx_params(void *vmacctx, const OSSL_PARAM params[]) if (EVP_CIPHER_mode(ossl_prov_cipher_cipher(&macctx->cipher)) != EVP_CIPH_GCM_MODE) { - ERR_raise(ERR_LIB_PROV, EVP_R_CIPHER_NOT_GCM_MODE); + ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_MODE); return 0; } if (!EVP_EncryptInit_ex(ctx, ossl_prov_cipher_cipher(&macctx->cipher), @@ -204,7 +204,7 @@ static int gmac_set_ctx_params(void *vmacctx, const OSSL_PARAM params[]) return 0; if (p->data_size != (size_t)EVP_CIPHER_CTX_key_length(ctx)) { - ERR_raise(ERR_LIB_PROV, EVP_R_INVALID_KEY_LENGTH); + ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH); return 0; } if (!EVP_EncryptInit_ex(ctx, NULL, NULL, p->data, NULL)) diff --git a/providers/implementations/macs/kmac_prov.c b/providers/implementations/macs/kmac_prov.c index 8f74c2306a..3a57dd0db6 100644 --- a/providers/implementations/macs/kmac_prov.c +++ b/providers/implementations/macs/kmac_prov.c @@ -258,7 +258,7 @@ static int kmac_init(void *vmacctx) /* Check key has been set */ if (kctx->key_len == 0) { - ERR_raise(ERR_LIB_EVP, EVP_R_NO_KEY_SET); + ERR_raise(ERR_LIB_PROV, PROV_R_NO_KEY_SET); return 0; } if (!EVP_DigestInit_ex(kctx->ctx, ossl_prov_digest_md(&kctx->digest), diff --git a/providers/implementations/signature/rsa.c b/providers/implementations/signature/rsa.c index 09b33bbdb7..cb68de3b3e 100644 --- a/providers/implementations/signature/rsa.c +++ b/providers/implementations/signature/rsa.c @@ -1245,7 +1245,7 @@ static int rsa_set_ctx_params(void *vprsactx, const OSSL_PARAM params[]) * lowest saltlen number possible. */ if (saltlen < RSA_PSS_SALTLEN_MAX) { - ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_PSS_SALTLEN); + ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_SALT_LENGTH); return 0; } @@ -1253,7 +1253,8 @@ static int rsa_set_ctx_params(void *vprsactx, const OSSL_PARAM params[]) switch (saltlen) { case RSA_PSS_SALTLEN_AUTO: if (prsactx->operation == EVP_PKEY_OP_VERIFY) { - ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_PSS_SALTLEN); + ERR_raise_data(ERR_LIB_PROV, PROV_R_INVALID_SALT_LENGTH, + "Cannot use autodetected salt length"); return 0; } break;